- Advisory ID
- Betroffene Versionen
- MES5 i586 , MES5 x86_64
Multiple vulnerabilities has been found and corrected in sudo:
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows
local users or physically-proximate attackers to bypass intended time
restrictions and retain privileges without re-authenticating by setting
the system clock and sudo user timestamp to the epoch (CVE-2013-1775).
Sudo before 1.8.6p7 allows a malicious user to run commands via
sudo without authenticating, so long as there exists a terminal the
user has access to where a sudo command was successfully run by that
same user within the password timeout period (usually five minutes)
The updated packages have been patched to correct these issues.
0a63960282d3502946d4f2a1f09992a9 mes5/i586/sudo-1.7.4p6-0.3mdvmes5.2.i586.rpm 30d4c634b9383cac4ab2dafdc68891ad mes5/SRPMS/sudo-1.7.4p6-0.3mdvmes5.2.src.rpm
dd2b2eb33fd27b522216e664a5e95744 mes5/x86_64/sudo-1.7.4p6-0.3mdvmes5.2.x86_64.rpm 30d4c634b9383cac4ab2dafdc68891ad mes5/SRPMS/sudo-1.7.4p6-0.3mdvmes5.2.src.rpm